1. Field of the Invention
The present invention relates to an information processing apparatus including a memory protecting function.
2. Description of Related Art
A technology for protecting a memory from unauthorized memory access, that is, so-called “memory protection technology” has been known. According to the conventionally-known memory protection technology, when an instruction executing section that executes a program, such as a central processing unit (CPU), accesses a memory, the validity of an access request is verified by comparing and collating access destination address information, which is included in a memory access request output from the instruction executing section, with memory protection information indicative of an access-permitted memory area. Thus, unauthorized memory access to an access-inhibited memory area can be detected, thereby making it possible to protect a memory from unauthorized memory access.
Japanese Unexamined Patent Application Publication No. 61-75446 (Kimura et al.) discloses an address comparison system for memory protection in an information processing apparatus. Specifically, in the address comparison system disclosed in Kimura et al., it is determined whether or not an address of an access destination of a program falls within a range of access-permitted partial memory spaces (that is, within the access permission range) by comparing a lower bound address and an upper bound address, which fall within the access permission range, with the access destination address. Then, the access to the partial memory space is permitted only when the access destination address falls within the access permission range.
However, the conventional memory protection technology is not enough to prevent destruction of memory data due to an unauthorized stack operation when a part of a memory is used as a stack. The conventional memory protection technology has a first problem in that, when a memory area that can be accessed as a stack (hereinafter referred to as the “stack area”) and an accessible memory area used for purposes other than a stack are adjacent to each other, a memory access made by a stack operation instruction is permitted even if the memory access specifies a non-stack area, which may cause destruction of data stored outside the stack.
For example, when a stack overflow is to be detected using the conventional memory protection technology, the determination is made after the memory access request is output. In other words, after the instruction executing section executes a stack operation (push operation or pop operation) by executing a single instruction or a plurality of instruction sequences, a stack overflow is detected at the time when an access from the instruction executing section to the outside of the stack area occurs. That is, the conventional memory protection technology has a second problem in that it is difficult to detect the stack overflow before the execution of the stack operation instruction.
Japanese Unexamined Patent Application Publication No. 2000-155677 (Sugano) discloses a technology in which a redundant buffer area for detecting a stack overflow is provided between a stack area and an area used for purposes other than the stack. According to the technology disclosed in Sugano, the stack area is spaced apart from the memory area used for purposes other than the stack, thereby making it possible to solve the first problem. In terms of memory space efficiency, however, the technology disclosed in Sugano is not desirable. In addition, the technology disclosed in Sugano is similar to the conventional memory protection technology in that the stack overflow is detected after the stack operation instruction is executed. The technology disclosed in Sugano therefore has a problem in that, for example, debugging to identify the cause of the stack overflow cannot be effectively performed.
Japanese Unexamined Patent Application Publication No. 2000-20352 (Toride) discloses a technology in which, in the case of calling a function (including a procedure and a subprogram), for example, a value of a stack pointer register for holding a stack pointer is compared with an overflow detection address when stack extension is performed by updating the value of the stack pointer. FIG. 13 is an explanatory diagram disclosed in Toride. A comparator 83 compares the stack pointer value stored in a stack pointer register (SPR) 82 with the overflow detection address stored in a stack overflow register 81, thereby detecting that the stack is extended beyond the stack area. Thus, according to the technology disclosed in Toride, the occurrence of the stack overflow can be predictively detected before the execution of the stack operation instruction.
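The three related-art approaches described above can be compared in a small software model. The following C code is an added illustration, not code from this document or from the cited publications; the memory maps, the descending-stack convention and all function names are assumptions made for the example, and the predictive check is a simplified model of the stack pointer comparison attributed to Toride.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

typedef struct { uint32_t lo, hi; } region_t;   /* inclusive bounds */

/* Constructed memory maps (assumed): a descending stack at 0x2000-0x2FFF. */
#define STACK_LO 0x2000u
#define STACK_HI 0x2FFFu
/* Map A: a permitted data area directly adjacent below the stack. */
static const region_t adjacent[] = { { 0x1000u, 0x1FFFu }, { STACK_LO, STACK_HI } };
/* Map B: a 0x100-byte unpermitted buffer below the stack (modelled on Sugano). */
static const region_t guarded[]  = { { 0x1000u, 0x1EFFu }, { STACK_LO, STACK_HI } };

/* Conventional check: compare the access destination with the lower and
   upper bound of each access-permitted range. */
bool range_check(const region_t *map, size_t n, uint32_t addr, uint32_t size) {
    for (size_t i = 0; i < n; i++)
        if (addr >= map[i].lo && addr + size - 1 <= map[i].hi)
            return true;
    return false;
}

/* Push validated only by the range check: the stack pointer has already
   moved by the time the verdict on the access is available. */
bool push_range_checked(const region_t *map, size_t n, uint32_t *sp, uint32_t size) {
    *sp -= size;
    return range_check(map, n, *sp, size);
}

/* Predictive check: compare the would-be stack pointer with the overflow
   detection address before the stack operation is performed. */
bool push_predictive(uint32_t *sp, uint32_t size, uint32_t overflow_addr) {
    if (*sp < overflow_addr || *sp - overflow_addr < size)
        return false;               /* rejected; SP and memory untouched */
    *sp -= size;
    return true;
}

int main(void) {
    uint32_t sp = STACK_LO;         /* stack is full in every case */
    bool a = push_range_checked(adjacent, 2, &sp, 4);  /* permitted: lands in data */
    sp = STACK_LO;
    bool b = push_range_checked(guarded, 2, &sp, 4);   /* denied, but SP has moved */
    sp = STACK_LO;
    bool c = push_predictive(&sp, 4, STACK_LO);        /* denied, SP unchanged */
    return (a && !b && !c) ? 0 : 1;
}
```

With map A the overflowing push passes the range check because the adjacent data area is itself access-permitted (the first problem); with map B it is caught only after the stack pointer has moved and at the cost of the reserved buffer, whereas the predictive comparison rejects it beforehand.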